On Mon, Oct 19, 2009 at 05:43:44AM +0200, Polytropon wrote:
> On Sun, 18 Oct 2009 22:23:43 -0500, David Kelly <dke...@hiwaay.net> wrote:
> > When not using a count to indicate how much data is in a char* you  
> > should always test for null. Testing for null is not a sure fire way  
> > to prevent buffer over runs but its better than nothing.
> 
> There are means like
> 
>       #include <assert.h>
>       ...
>       assert(s);
> 
> to make sure s is not NULL, or testing for it explicitely like
> 
>       if(!s)
>               ... error handling here ...

You are missing my point that *s == 0 is not a good out of bounds range
check.

> is possible. Furthermore, it is a proven way to give a length
> argument along with the (char *) argument, such as the "new"
> l-functions for strings, e. g. strlcat() and strlcpy(), do.
> 
>       char *skiptags(char *s, int l);
> 
> You can even double-check for l begin != 0. Or you employ a
> test with strlen() function-internally.

strlen() knows nothing about the buffer allocation. As I originally
said, testing for null (and my example tested) is not foolproof but its
better than nothing. One should *also* test for the known end of the
allocated buffer.

-- 
David Kelly N4HHE, dke...@hiwaay.net
========================================================================
Whom computers would destroy, they must first drive mad.
_______________________________________________
freebsd-questions@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-questions
To unsubscribe, send any mail to "freebsd-questions-unsubscr...@freebsd.org"

Reply via email to